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REMARKS 

This Amendment and Response and the following remarks are intended to fully respond 
to the Non-Final Office Action mailed December 23, 2009. In that Office Action, claims 1, 3- 
16, 18-20, and 22 were examined, and all were rejected. Specifically, claims 1, 9, and 16 were 
rejected under 35 U.S.C. § 1 12, first paragraph, as allegedly failing to comply with the 
enablement requirement. Claims 1, 3-16, 18-21, and 22 were rejected under 35 U.S.C. § 103(a) 
as allegedly being unpatentable over U.S. Pat. No. 6,801,998 to Hanna, et al. (hereinafter, 
"Hanna") and fiirther in view of U.S. Patent No. 7,068,789 to Huitema, et al. (hereinafter, 
"Huitema"). Reconsideration of these rejections, as they might apply to the original and 
amended claims in view of these remarks, is respectfiiUy requested. 

In this Amendment and Response, claims 1, 8, 9, 1 1-13, 15, 16, 18-20, and 22 have been 
amended. Claims 3-7, 10, and 14 have been cancelled without prejudice, and claims 2, 17, and 
21 remain cancelled without prejudice. No claims have been added. Therefore, claims 1, 8, 9, 
1 1-13, 15, 16, 18-20, and 22 remain present for examination. This application is in condition for 
allowance, and such action is respectfully requested. 

Claim Rejections - 35 U.S.C. S 112. First Paragrap h; Claims 1. 9. and 16 

Claims 1, 9, and 16 were rejected under 35 U.S.C. § 1 12, first paragraph, as allegedly 
failing to comply with the enablement requirement. Applicants respectfiiUy do not agree with 
these rejections. Applicants maintain that the Specification supports the rejected claim language. 
However, in the interest only of fonvarding the prosecution of this application to allowance, 
Applicants have amended claims 1, 9, and 16 to remove the rejected language. In light of these 
amendments. Applicants respectfully request the withdrawal of tiiese rejections and the 
allowance of claims 1, 9, and 16. 

Claim Rejections - 35 U.S.C. 8 103(a): Claims 1. 3-16. 18-21. & 22 

Claims 1, 3-16, 18-21, and 22 were rejected under 35 U.S.C. § 103(a) as allegedly being 
unpatentable over Hanna in fiirther view of Huitema. Applicants respectfully disagree with and 
traverse these rejections. To estabUsh a prima facie case of obviousness, the references must 
teach or suggest each and every one of the claim elements to one of ordinary skill in tiie art at the 
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time the invention was made. See MPEP §§ 2142, 2143.03; In re Wilson, 424 F.2d 1382, 1385 
(C.C. P.A. 1970). In addition, KSR International Company v. Teleflex, Inc., 127 S. Ct. 1727, 
1741 (2007), requires that there "must be some articulated reasoning with some rational 
underpinning to support the legal conclusion of obviousness." (Emphasis added.) Further, "a 
patent composed of several elements is not proved obvious merely by demonstrating that each of 
its elements was, independently, known in the prior art." KSR Int'l Co., 127 S. Ct. at 1741. 
Specifically, the references fail to teach or suggest all of the claim elements. 

For example, Hanna in further view of Huitema fail to teach or suggest at least the 
following with respect to claim 1 : 



generating a first group-signed group identity information document 
comprising the group identity information for the first group, an embedded use 
policy that expresses a privacy policy providing instructions as to how the group 
identity information for the first group may be used, wherein the embedded use 
policy is stored with the group identity information for the first group, at least a 
first key, and a first group identity information document signature signed by an 
owner of the first group using a second key associated with the first key, wherein 
the second key is a private key of the first group and is owned by the first group 
owner; 

sending the first group-signed group identity information document to the 
first receiving system to establish the first group as a new group identity at the 
first receiving system; 

receiving a selection of personal identity information to include in a 
personal certificate for an originator; 

generating a self-signed personal certificate using the selection of 
personal identity information, wherein the self- signed personal certificate 
establishes the originator 's personal identity, and wherein the self-signed 
personal certificate is signed by the originator; 

attaching the self-signed personal certificate to a first message for sending 
to the first receiving system; 

determining whether to attach, to the first message, a first group-signed 
membership certificate with the self-signed personal certificate, wherein the first 
group-signed membership certificate is group-signed by the first group owner, 
and wherein the first group-signed membership certificate establishes the 
originator 's membership identity in the first group; 

when the first group-signed membership certificate is to be attached to the 
first message: 

attaching the first group-signed membership certificate with the 
self-signed personal certificate to the first message for sending to the first 
receiving system; 
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determining whether to attach, to the first message, an additional 
membership certificate with the first group-signed membership certificate 
and the self-signed personal certificate; and 

when no additional membership certificate is to be attached, 
sending the first message with the attached self-signed personal certificate 
and the attached first group-signed membership certificate to the first 
receiving system. 

Claim 1, supra (as amended) (emphasis added). 

Hanna relates generally to permitting "an applicant associated with a client to obtain 
access to a service or resource available from or through an application server. In a preferred 
embodiment, the applicant is required to prove membership within a group having the requisite 
privileges to obtain access to the service or resource without receipt of intelligible information 
fi-om the application regarding the identification of the group or groups having access 
privileges." Hanna, at 3:9-1 7 (emphasis added). Hanna provides no teaching or suggestion, at a 
minimum, of". . . generating a self-signed personal certificate using the selection of personal 
identity information, wherein the self-signed personal certificate establishes the originator's 
personal identity, and wherein the self-signed personal certificate is signed by the originator . . . 
determining whether to attach, to the first message, a first group-signed membership certificate 

with the self-signed personal certificate " (Emphasis added.) The Office Action states that 

"Hanna teaches . . . [t]he method of claim 3, further comprising: sending to the receiving system 
a self-signed personal identity information document . . . [see rejection of claim 4, wherein if the 
group membership server determines if the applicant is a member of the specified group. 
Examiner is interpreting that it is clear that applicant submits some sort of identification 
information along with encrypted group ID in order for said server to authenticate/validate 
applicant.r Office Action, 12/23/2009, at? (emphasis in original). However, Applicants 
respectfully disagree. Determining whether the applicant is "a member of the specified group" 
provides no teaching or suggestion of, for example, ". . . generatmg a self-signed personal 
certificate using the selection of personal identity information, wherein the self-signed personal 
certificate establishes the originator 's personal identity, and wherein the self-signed personal 
certificate is signed by the originator . . . determining whether to attach, to the first message, a 
first group-signed membership certificate with the self-signed personal certificate . . . when the 
first group-signed membership certificate is to be attached to the first message: attaching the first 
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group-signed membership certificate with the self-signed personal certificate to the first message 

for sending to the first receiving system " (Emphasis added.) Hamia thus fails to disclose or 

suggest each and every limitation of claim 1 . 

Further, Huitema fails to cure the deficiencies of Hanna. Huitema relates generally to 
"ensuring valid and secure peer-to-peer communications in a group structure." Huitema, at 
2:59-60. Huitema provides for "every peer who is a valid member of the group to invite new 

members securely joining a peer-to-peer group by a peer " Huitema, at 3:1-3. 

Huitema' s "secure peer-to-peer communications in a group structure" provides no teaching or 
suggestion, for example, of". . . generating a self-signed personal certificate using the selection 
of personal identity information, wherein the self-signed personal certificate establishes the 
originator's personal identity, and wherein the self-signed personal certificate is signed by the 
originator . . . determining whether to attach, to the first message, a first group-signed 
membership certificate with the self-signed personal certificate, . . . when the first group-signed 
membership certificate is to be attached to the first message: attaching the first group-signed 
membership certificate with the self-signed personal certificate to the first message for sending 

to the first receiving system " (Emphasis added.) Huitema thus fails to teach or suggest 

each and every limitation of claim 1, and Huitema thus fails to cure the deficiencies of Hanna. 

Accordingly, Hanna in fiorther view of Huitema fail to teach or suggest each and every 
limitation of claim 1. Claim 1 is thus patentable under 35 U.S.C. § 103(a), and allowance of this 
claim is respectfully requested. While the cited references do not disclose each and every aspect 
of claim 1, Applicants have amended claim 1 in the interest only of forwarding the prosecution 
of this application to allowance. Amendments are therefore made without prejudice. Because 
claim 8 depends on allowable base claim 1, claim 8 is also allowable for at least the reasons 
presented above, and such action is also respectfully requested. As such, any remaining 
arguments supporting the rejections of these claims are not acquiesced to even though they are 
not addressed herein. Accordingly, Applicants respectfiiUy request the allowance of claims 1 
and 8. 

In addition, for at least similar reasons as those set forth above, Hanna in further view of 
Huitema fail to disclose or suggest each and every limitation of claims 9 and 16. For example, 
Hanna in further view of Huitema fail to teach or suggest at least the following with respect to 
claims 9 and 16: 
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a group ID generate module generating a first group-signed group 
certificate comprising at least a public key, a digital signature for the first group, 
and an embedded use policy that expresses a privacy policy providing instructions 
as to how a first subset of group identity information for the first group may be 
used at the first receiving system, wherein the embedded use policy is stored with 
the first subset of group identity information for the first group, and wherein the 
first subset of group identity information is selected from group identity 
information for disclosure to the first receiving system; 

a send module transmitting the group certificate to the first receiving 
system to establish the new group identity of the first group at the first receiving 
system; 

a receive module for receiving a selection of personal identity information 
to include in a personal certificate for an originator; 

a personal ID generate module for generating a self-signed personal 
certificate using the selection of personal identity information, wherein the self- 
signed personal certificate establishes the originator 's personal identity, and 
wherein the self signed personal certificate is signed by the originator; 

an attach module for attaching the self-signed personal certificate to a 
first message for sending to the first receiving system; 

a determination module for determining whether to attach, to the first 
message, a first group-signed membership certificate with the self signed 
personal certificate, wherein the first membership certificate is group-signed by 
the first group owner, and wherein the first group-signed membership certificate 
establishes the originator's membership identity in the first group; 

when the first group-signed membership certificate is to be attached to the 
first message: 

the attach module attaching the first group-signed membership 
certificate with the self-signed personal certificate to the first message for 
sending to the first receiving system; 

the determination module determining whether to attach, to the 
first message, an additional membership certificate with the first group- 
signed membership certificate and the self-signed personal certificate; and 

when no additional membership certificate is to be attached, the 
send module sending the first message with the self-signed personal 
certificate and the first group-signed membership certificate to the first 
receiving system. 

Claim 9, supra (as amended) (emphasis added). 



generating, at the initiating system, a first group-signed group certificate 
comprising at least an embedded group use policy that expresses a privacy policy 
providing instructions as to how a first subset of group identity information for a 
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first group may be used at the first receiving system, wherein the embedded use 
policy is stored with the first subset of group identity information for the first 
group, a group public key and a digital signature for the group signed, by a group 
owner of the first group, with a group private key associated with the group public 
key, and wherein the first subset of group identity information for the first group 
is selected from group identity information for disclosure to the first receiving 
system; 

sending the first group-signed group certificate to the first receiving 
system to establish the first group as a new group identity at the first receiving 
system; 

receiving a selection of personal identity information to include in a 
personal certificate for an originator; 

generating a self-signed personal certificate using the selection of 
personal identity information, wherein the self-signed personal certificate 
establishes the originator's personal identity, and wherein the self-signed personal 
certificate has at least a public key of the originator, an embedded personal use 
policy that expresses a personal privacy policy providing instructions as to how 
personal identity information may be used, wherein the embedded personal use 
policy is stored with the personal identity information, and a digital signature 
using the private key of the originator; 

attaching the self-signed personal certificate to a first message for sending 
to the first receiving system; 

determining whether to attach, to the first message, a first group-signed 
membership certificate with the self-signed personal certificate, wherein the first 
group-signed membership certificate is group-signed by the first group owner, 
and wherein the first group-signed membership certificate establishes the 
originator 's membership identity in the first group; 

when the first group-signed membership certificate is to be attached to the 
first message: 

attaching the first group-signed membership certificate with the 
self-signed personal certificate to the first message for sending to the first 
receiving system; 

determining whether to attach, to the first message, an additional 
membership certificate with the first group-signed membership certificate 
and the self-signed personal certificate; and 

when no additional membership certificate is to be attached, 
sending the first message with the self-signed personal certificate and the 
first group-signed membership certificate to the first receiving system. 

Claim 16, supra (as amended) (emphasis added). 

Accordingly, for at least reasons similar to those discussed above, Hanna in further view 
of Huitema fail to disclose or suggest each and every limitation of claims 9 and 16. These claims 
are therefore allowable. Because claims 1 1-13, 15,16, 18-20, and 22 depend on allowable base 
claims 9 and 16, respectively, these claims are also allowable for at least the reasons presented 
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above, and such action is respectfully requested. As such, any remaining arguments supporting 
the rejections of these claims are not acquiesced to even though they are not addressed herein. 
As noted, while the above discussion shows that the cited references fail to disclose each and 
every limitation of claims 9 and 16, amendments to the claims are made in the interest only of 
forwarding the prosecution of this application to allowance and are not necessarily made to 
address the Office Action's rejections based on the cited references. Amendments are therefore 
made without prejudice. 

For at least the reasons presented above, claims 1, 8, 9, 1 1-13, 15, 16, 18-20, and 22 are 
allowable. Accordingly, Applicants respectfully request the allowance of this application. 

Conclusion 

This Amendment and Response fully responds to the Non-Final Office Action mailed 
December 23, 2009. It is recognized that the Office Action may contain arguments and 
rejections that are not directly addressed by this Amendment and Response because they are 
rendered moot in light of the preceding arguments in favor of patentability. Hence, the failure, if 
any, of this Amendment and Response to directly address an argument and/or comment raised in 
the Office Action should not be taken as an indication that the Applicant believes the argument 
and/or conmient has merit. Additionally, the failure, if any, to address statements and/or 
comments made in the Office Action does not mean that the Applicants acquiesce to such 
statements and/or conunents. Furthermore, the claims of the present application may include 
other elements, not discussed in this Amendment and Response, which are not shown, taught, or 
otherwise suggested by the art of record. Accordingly, the preceding arguments in favor of 
patentability are advanced without prejudice to other bases of patentability. 

It is believed that no additional fees are due with this Amendment and Response. 
However, the Commissioner is hereby authorized to charge any deficiencies or credit any 
overpayment with respect to this patent application to deposit account number 13-2725. 

In light of the above remarks and amendments, the application is in condition for 
allowance and such action is respectfully requested. Should any additional issues need to be 
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resolved, the Examiner is respectfully requested to telephone the undersigned to attempt to 
resolve those issues. 

Respectfully submitted, 

Dated: Mav24. 2010 
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